Rich Mingin (PLUG) via plug on 6 May 2024 10:27:12 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Why Your VPN May Not Be As Secure As It Claims


I don't frequent Krebs, but that article is just plain not-good. It
starts out with a basic premise, sowing a little generic FUD about how
VPNs aren't always perfect security, then veers off into some very
basic networking attacks.

If you have a bad actor on the hotel wifi exhausting the house DHCP
pool and broadcasting a rogue DHCP server, you have a pretty serious
attack going on. I'd recommend doing your best to determine the
location, alerting hotel staff, and retrieving a fire axe. This is
precisely why I travel with a little wifi hotspot that I rooted,
powered by my usual cell provider.

No, Linux does not appear to honor DHCP o.121, at least in any of the
distros I checked. Requires some additional config/non-default options
in Arch, RHEL, and Debian.

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/6.1_technical_notes/ar01s04s05

On Mon, May 6, 2024 at 1:18 PM K.S. Bhaskar via plug
<plug@lists.phillylinux.org> wrote:
>
> https://krebsonsecurity.com/2024/05/why-your-vpn-may-not-be-as-secure-as-it-claims/
>
> Does Linux ignore DHCP option 121? I wonder how concerned one should be using a VPN at an airport or hotel.
>
> Regards
> – Bhaskar
> ___________________________________________________________________________
> Philadelphia Linux Users Group         --        http://www.phillylinux.org
> Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
> General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug